Responsibilities:

• Monitor the organization’s compliance with relevant data privacy rules and monitor data privacy risks arising in your organization’s activities
• Inform and advise management and employees of their obligations to comply with the relevant data privacy and security laws
• Recommend assessment action plans to identify gaps in relation to regulatory requirements, including developing and managing any mandated documentation or audit trail
• Raise awareness within the organization of how data privacy laws affect data processing requirements
• Ensure staff are trained on data processing requirements
• Promote data privacy awareness, including customized training to personnel, from front-line employees to the board
• Conduct data protection impact assessments
• Inform and advise about the risks arising from data processing activities
• Create an operational roadmap and maturity model for your organization
• Develop data protection impact assessments and risk-mitigation recommendations
• Maintain data Processing records
• Conduct data security and processing audits
• Identify information assets and process flows used to create, store, transmit and dispose of personal data and those that are subject to data privacy specifications
• Advise when actions are required under relevant data privacy laws and when they are advisable because of the data processing risks arising from your organization’s activities
• Serve as a point of contact for data subjects and supervisory authorities
• Monitor compliance with regulatory requirements